Forum Discussion
How to disable Smart App control through Intune for all the laptops in my organisation
Hi this is indeed a known new feature. You can read more about it here: https://learn.microsoft.com/en-us/windows/security/application-security/application-control/windows-defender-application-control/wdac
This part is a little unclear:
"Smart App Control is only available on clean installation of Windows 11 version 22H2 or later, and starts in evaluation mode. Smart App Control is automatically turned off for enterprise managed devices unless the user has turned it on first."
amart App Control is automatically turned off for enterprise managed devices", You would expect it be turned off when the device is Entra Joined.
But this part is more interesting for you: "To turn off Smart App Control across your organization's endpoints, you can set the VerifiedAndReputablePolicyState (DWORD) registry value under HKLM\SYSTEM\CurrentControlSet\Control\CI\Policy"
Just create a Powershell script, you could use Proactive Remediation script also and set the key to 0 that will solve your issue.
------
Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.
If the post was useful in other ways, please consider giving it Like.
I tried the above solution, and i didn't work.
We need to set HKLM\SYSTEM\CurrentControlSet\Control\CI\Protected to 0, but it doesn't work even through intune.
